Hide Forgot
Description of problem: If a non admin user calls a GET API on satellite.example.com/katello/api/capsules/1, it fails with response : "message": "Resource smart_proxy not found by id '1'" Non admin user has "view_smart_proxies" permissions assigned. Even if all available persmissions are assigned to the user, the error response is same. User is able to query information for all capsules i.e GET on /katello/api/capsules/ but not for a particular ID /katello/api/capsules/:id The API /katello/api/capsules/:id is called by bootstrap.py script with --new-capsule switch so bootstrap.py cannot be run with non admin user. Version-Release number of selected component (if applicable): 6.4 6.5 How reproducible: Always Steps to Reproduce: 1. Create a user role and assign all available permissions to it. Create a user and assign the role to the user. User should be non admin 2. Run following api with above user and it fails # curl -u user:password https://satellite.example.com/katello/api/capsules/1 Actual results: APi fails with response "message": "Resource smart_proxy not found by id '1'" Expected results: Non admin user should be able to call that API with appropriate permissions assigned
Is the user assigned to the same organization and location as the capsule? Does the user have permission to view_organizations and view_locations (potentially limited to only these)?
Marek: Yes, the user was already assigned to the same organization and location as the capsule, and the user's role already had the view_organizations and view_locations permissions.
Created redmine issue https://projects.theforeman.org/issues/30385 from this bug